BOSA chooses ForgeRock to protect your online identity

 

BOSA, the Federal Public Service Policy and Support (formerly known as Fedict), is working hard to develop and enhance e-government.

In the past, you were obligated to walk through a gateway or door in order to get to work and access your files. Today, you may have online access to your digital files based on your identity. Employees used to have to walk to a filing cabinet to look something up, but now they simply log in to a database. A similar situation also applies in the relationship between a business and its customers. You can, for example, pay for online purchases by logging on to PayPal.

Each application requires a customised level of security and the importance of the user experience also varies from one application to the next. A regular password is probably sufficient for something that you subsequently need to sign for. The highest level of assurance is required for accessing Tax-on-web or other sensitive public services, and gaining access must be easy and user-friendly. It is therefore crucial for BOSA that your identity can be established reliably at any time, and that this data is stored securely.

THE PROJECT

E-government is continuing to grow, and identity is the cornerstone for this. To guarantee secure identification, BOSA selected ForgeRock to support identity and access management for the Federal Authentication Service (FAS). Devoteam | Paradigmo, which is specialised in identity and access management, is a ForgeRock partner. It handled the migration from FAS to ForgeRock’s OpenAM. 

ForgeRock is a flexible system. Although the software is open source, extensive support is provided. There is no other product on the market that can compare to ForgeRock.


David Mampaey
Service Manager
BOSA

BOSA used to work only with the eID and tokens. However, there are now dozens of systems emerging which you can use to log in, for example Google Authenticator. This application uses a one-time password and is already available. Moreover, authentication based on iris recognition or other forms of biometric identification are emerging. BOSA therefore needs to work on new authentication methods that will lead to more people making use of digital services provided by the government, but still enable citizens to log on in a secure manner.

THE SOLUTION

ForgeRock provides a secure connection between the government and citizens. CSAM (Common Secure Access Management System), the result of collaboration between various public services, is the system used to access some 800 digital applications provided by the federal government and regional and local authorities. BOSA takes care of the one-time, secure identification of an individual. At the same time, it supplies information to the 800 applications. For example, BOSA ensures that the applications used in central databases can check which people have been given a particular mandate for a certain business, e.g. filing VAT returns or bidding for public tenders.

Devoteam and system integrator NRB/Trasys provide BOSA with support in day-to-day operations and in the event of incidents under a service level agreement (SLA). As it turns out, there is little need for this agreement. BOSA started out six years ago with 2 million user licences, today there are 3.2 million. This steady growth is certain to continue.

THE BENEFITS

For members of the public:

  • Simple, standardised public access to all applications connected to the FAS
    • For end users (citizens)
    • For those holding mandates (e.g. accountants)
  • Range of authentication methods (from username/password to identity card)
  • Adequate protection of confidential information (e.g. Tax-on-web)

For providers:

  • Your identity can be clearly established, allowing you to gain access to many services
  • New applications can be easily added for the entire government sector (federal, regional and local)
  • New authentication systems can be added easily
  • Flexible – central mandate management
devoteam

Contact

Olivier Naveau

Expert Director

Digital Identity

Devoteam Belgium